Requires

License

GPL-3.0+ AND AGPL-3.0+ AND BSD-2-Clause AND MIT AND GPL-2.0

Changelog

* Wed Jun 27 2018 psimons@suse.com
- Update to version 6.20180626 to fix two security issues that
remote attackers could exploit to get unauthorized access to
local files and even decrypt them with the user's private GPG
key. [bsc#1098062, CVE-2018-10857, bsc#1098364, CVE-2018-10859]
Important changes are:
* Refuse to download content, that cannot be verified with a
hash, from encrypted special remotes (for CVE-2018-10859), and
from all external special remotes and glacier (for
CVE-2018-10857). In particular, URL and WORM keys stored on
such remotes won't be downloaded. If this affects your files,
you can run `git-annex migrate` on the affected files, to
convert them to use a hash.
* Added annex.security.allow-unverified-downloads, which can
override the above.
* Added annex.security.allowed-url-schemes setting, which
defaults to only allowing http, https, and ftp URLs. Note
especially that file:/ is no longer enabled by default.
* Removed annex.web-download-command, since its interface does
not allow supporting annex.security.allowed-url-schemes across
redirects. If you used this setting, you may want to instead
use annex.web-options to pass options to curl.
* git-annex will refuse to download content from http servers on
localhost, or any private IP addresses, to prevent accidental
exposure of internal data. This can be overridden with the
annex.security.allowed-http-addresses setting.
* Local http proxies will not be used unless allowed by the
annex.security.allowed-http-addresses setting.
* Since the interfaces to curl and youtube-dl do not have a way
to prevent them from accessing localhost or private IP
addresses, they default to not being used for url downloads.
Only when annex.security.allowed-http-addresses=all will curl
and youtube-dl be used.
Additionally, this update brings many bug fixes and new features.
http://hackage.haskell.org/package/git-annex-6.20180626/changelog
has a detailed list of changes.
* Fri Oct 27 2017 psimons@suse.com
- Update to version 6.20171026.
* Windows: Fix reversion that caused the path used to link
to annexed content to include the drive letter and full path, rather
than being relative. (`git annex fix` will fix up after this problem).
* Windows build fixed, and changed to use stack for more reliable build
environment.
* Windows: Remove wget from bundle; it needs libraries that are not
included, and git for windows includes curl which git-annex will use
instead.
* Add day to metadata when annex.genmetadata is enabled.
Thanks, Sean T Parsons
* stack.yaml: Added nix packages section.
Thanks, Sean T Parsons
* Thu Oct 19 2017 psimons@suse.com
- Update to version 6.20171018.
* add: Replace work tree file atomically on systems supporting hard
links. Avoids a window where interrupting an add could result in
the file being moved into the annex, with no symlink yet created.
* webdav: Avoid unncessisarily creating the collection at the top
of the repository when storing files there, since that collection
is created by initremote.
(This seems to work around some brokenness of the box.com webdav
server, which caused uploads to be very slow or sometimes fail.)
* webdav: Make --debug show all webdav operations.
* get -J/move -J/copy -J/mirror -J/sync -J: Avoid "transfer already in
progress" errors when two files use the same key.
* Konqueror desktop file location changed to one used by plasma 5.
Thanks, Félix Sipma.
* Avoid repeated checking that files passed on the command line exist.
* Fix build with aws-0.17.
* stack.yaml: Update to lts-9.9.
* Wed Oct 04 2017 psimons@suse.com
- Update to version 6.20171003.
* webdav: Improve error message for failed request to include the request
method and path.
* metadata: Added --remove-all.
* Warn when metadata is inherited from a previous version of a file,
to avoid the user being surprised in cases where that behavior is not
desired or expected.
* sync: Added --cleanup, which removes local and remote synced/ branches.
* external: When the external special remote program crashed, a newline
could be output, which messed up the expected output for --batch mode.
* external: Avoid checking EXPORTSUPPORTED for special remotes that are
not configured to use exports.
* test: Fix reversion that made it only run inside a git repository.
* copy, move: Behave same with --fast when sending to remotes located
on a local disk as when sending to other remotes.
* Fix process and file descriptor leak that was exposed when
git-annex was built with ghc 8.2.1. Broke git-annex test on OSX
due to running out of FDs, and may have also leaked in other situations.
* info: Improve cleanup of stale transfer info files.
* Tue Sep 26 2017 psimons@suse.com
- Update to version 6.20170925.
* git-annex export: New command, can create and efficiently update
exports of trees to special remotes.
* Use git-annex initremote with exporttree=yes to set up a special remote
for use by git-annex export.
* Implemented export to directory, S3, and webdav special remotes.
* External special remote protocol extended to support export.
Developers of external special remotes should consider if export makes
sense for them and add support.
* sync, assistant: Update tracking exports.
* Support building with feed-1.0, while still supporting older versions.
* init: Display an additional message when it detects a filesystem that
allows writing to files whose write bit is not set.
* S3: Allow removing files from IA.
* webdav: Checking if a non-existent file is present on Box.com
triggered a bug in its webdav support that generates an infinite series
of redirects. Deal with such problems by assuming such behavior means
the file is not present.
* webdav: Fix lack of url-escaping of filenames. Mostly impacted exports
of filenames containing eg spaces.
* webdav: Changed path used on webdav server for temporary files.
* Mon Sep 18 2017 psimons@suse.com
- The upstream release tarball changed in some trivial way. Copy
the new tarball into place to keep our version in sync.
* Mon Aug 21 2017 psimons@suse.com
- Update to version 6.20170818 (bsc#1054653, CVE-2017-12976).
* Security fix: Disallow hostname starting with a dash, which
would get passed to ssh and be treated an option. This could
be used by an attacker who provides a crafted repository url
to cause the victim to execute arbitrary code via -oProxyCommand.
(The same class of security hole recently affected git itself.)
* git-annex.cabal: Deal with breaking changes in Cabal 2.0.
* Fix build with QuickCheck 2.10.
* fsck: Support --json.
* move, copy: Support --batch.
* Added GIT_ANNEX_VECTOR_CLOCK environment variable, which can be used to
override the default timestamps used in log files in the git-annex
branch. This is a dangerous environment variable; use with caution.
* Fix a git-annex test failure when run on NFS due to NFS lock files
preventing directory removal.
* test: Avoid most situations involving failure to delete test
directories, by forking a worker process and only deleting the test
directory once it exits.
* Disable http-client's default 30 second response timeout when HEADing
an url to check if it exists. Some web servers take quite a long time
to answer a HEAD request.
* Added remote configuration settings annex-ignore-command and
annex-sync-command, which are dynamic equivilants of the annex-ignore
and annex-sync configurations.
* Prevent spaces from being embedded in the name of new WORM keys,
as that handing spaces in keys would complicate things like the
external special remote protocol.
* migrate: WORM keys containing spaces will be migrated to not contain
spaces anymore.
* External special remotes will refuse to operate on keys with spaces in
their names. That has never worked correctly due to the design of the
external special remote protocol. Display an error message suggesting
migration.
* Fix incorrect external special remote documentation, which said that
the filename parameter to the TRANSFER command could not contain
spaces. It can in fact contain spaces. Special remotes implementors
that relied on that may need to fix bugs in their special remotes.
* Fix the external special remotes git-annex-remote-ipfs,
git-annex-remote-torrent and the example.sh template to correctly
support filenames with spaces.
* Windows: Win32 package has subsumed Win32-extras; update dependency.
* Thu Aug 03 2017 psimons@suse.com
- Updated with latest spec-cleaner version 0.9.8-8-geadfbbf.
* Mon Jun 19 2017 psimons@suse.com
- Update to version 6.20170520.
* Mon May 22 2017 psimons@suse.com
- Update to version 6.20170519 with cabal2obs.
* Tue May 16 2017 psimons@suse.com
- Update to version 6.20170510 with cabal2obs.
* Wed Mar 22 2017 psimons@suse.com
- Update to version 6.20170321 with cabal2obs.
* Bugfix: Passing a command a filename that does not exist sometimes did not display an error, when a path to a directory was also passed.
* status: Propigate nonzero exit code from git status.
* Linux standalone builds put the bundled ssh last in PATH, so any system ssh will be preferred over it.
* assistant: Add 1/200th second delay between checking each file in the full transfer scan, to avoid using too much CPU.
* get -J: Improve distribution of jobs amoung remotes when there are more jobs than remotes.
* fsck -q: When a file has bad content, include the name of the file in the warning message.
* Windows: Improve handling of shebang in external special remote program, searching for the program in the PATH.
* Drop support for building with old versions of dns, http-conduit, directory, feed, and http-types.
* Windows: Fix bug in shell script shebang lookup code that caused a "delayed read on closed handle" error.
* git-annex-shell: Fix bug when used with a recently cloned repository, where "merging" messages were included in the output of configlist (and perhaps other commands) and caused a "Failed to get annex.uuid configuration" error.
* Support GIT_SSH and GIT_SSH_COMMAND, which are handled close the same as they are by git. However, unlike git, git-annex sometimes needs to pass the -n parameter when using these.
* sync --content-of=path (-C path) added for when you want to sync only some files' contents, not the whole working tree.
* Thu Mar 02 2017 psimons@suse.com
- Update to version 6.20170301.1 with cabal2obs.
* Mon Feb 20 2017 psimons@suse.com
- Update to version 6.20170214 with cabal2obs.
* Wed Jan 04 2017 psimons@suse.com
- Update to version 6.20170101 with cabal2obs.
* Fri Dec 16 2016 psimons@suse.com
- Update to version 6.20161210 with cabal2obs.
* Sun Nov 20 2016 psimons@suse.com
- Update to version 6.20161118 with cabal2obs.
* Mon Nov 14 2016 psimons@suse.com
- Update to version 6.20161111 with cabal2obs.
* Tue Nov 01 2016 psimons@suse.com
- Update to version 6.20161031 with cabal2obs.
* Sun Oct 30 2016 psimons@suse.com
- Update to version 6.20161027 with cabal2obs.
* Mon Oct 17 2016 psimons@suse.com
- Update to version 6.20161012 with cabal2obs.
* Mon Sep 26 2016 psimons@suse.com
- Update to version 6.20160923 with cabal2obs.
* Wed Sep 21 2016 psimons@suse.com
- Update to version 6.20160907 with cabal2obs.
* Sun Jul 10 2016 psimons@suse.com
- Update to version 6.20160511 revision 0 with cabal2obs.
* Fri Jun 17 2016 psimons@suse.com
- Declare the fact that the git-annex bash-completion sub-package
supplements normal bash-completions, i.e. it's a recommended
package. Suggested by @dimstar in his OBS review.
* Tue Jun 14 2016 mimi.vx@gmail.com
- Declare build requirement on 'bash-completion' to fix the build in
Tumbleweed.
* Thu May 12 2016 mimi.vx@gmail.com
- update to 6.20160511
* Fix bug that sometimes prevented git-annex smudge --clean from consuming
all its input, which resulted in git add bypassing git-annex.
* Fix build with directory-1.2.6.2.
* Improve behavior when a just added http remote is not available
during uuid probe. Do not mark it as annex-ignore, so it will be tried
again later.
* Added DIRHASH-LOWER to external special remote protocol.
* git-annex.cabal: Add Setup-Depends.
* map: Hide dead repositories that are not connected to the graph.
* map: Changed colors; red is used for untrusted repositories and grey
for dead.
* version: Display OS version and architecture too.
* Propigate GIT_DIR and GIT_WORK_TREE environment to external special
remotes.
* Added annex.gnupg-decrypt-options and
remote.<name>.annex-gnupg-decrypt-options, which are passed to gpg
when it's decrypting data.
* fsck: When a key is not previously known in the location log,
record something so that reinject --known will work.
* In the unusual configuration where annex.crippledfilesystem=true but
core.symlinks=true, store object contents in mixed case hash
directories so that symlinks will point to them.
* Added new encryption=sharedpubkey mode for special remotes.
This is useful for makking a special remote that anyone with a clone
of the repo and your public keys can upload files to, but only you can
decrypt the files stored in it.
* Sat Apr 30 2016 mimi.vx@gmail.com
- update to 6.20160419
* Fix bug that prevented resuming of uploads to encrypted special remotes
that used chunking.
* That bug could also expose the names of keys to such remotes when
attempting to resume an upload, so it is a minor security issue.
* Fix duplicate progress meter display when downloading from a git remote
over http with -J.
* reinject: When src file's content cannot be verified, leave it alone,
instead of deleting it.
* reinject: Added new mode which can reinject known files into the annex.
For example: git-annex reinject --known /mnt/backup/*
* calckey: New plumbing command, calculates the key that would be used
to refer to a file.
* Fix bug that prevented annex.sshcaching=false configuration from taking
effect when on a crippled filesystem. Thanks, divergentdave.
* git 2.9.0 is going to prevent git merge from merging in unrelated
branches. Since the webapp's pairing etc features often combine
together repositories with unrelated histories, work around
this behavior change when the assistant merges, by passing
- -allow-unrelated-histories. Note though that this is not done
for git annex sync's merges, so it will follow git's default or
configured behavior.
* When git-annex is used with a git version older than 2.2.0, disable
support for adjusted branches, since GIT_COMMON_DIR is needed to update
them and was first added in that version of git.
* Avoid setting LOCPATH in linux standalone builds that are built with
a ghc that has been fixed to not hang when it cannot find locale files.
* Isolate test suite from global git config settings.
* Thu Apr 28 2016 psimons@suse.com
- Add "ghc-magic" dependency to enable support for libmagic-based
guessing of MIME types.
* Thu Apr 28 2016 psimons@suse.com
- Add "ghc-mountpoints" dependency to fix support for the Assistant.
* Tue Apr 26 2016 psimons@suse.com
- Improve accuracy of the license header to include AGPL-licensed
parts of the package.
* Tue Apr 19 2016 mimi.vx@gmail.com
- update to 6.20160418
* smudge: Print a warning when annex.thin is set, as git's smudge
interface does not allow honoring that configuration.
* webapp: When $HOME is a git repository, and has been initialized for
use by git-annex, opening the webapp went ahead and ran the assistant
there, annexing all files. Since this is almost certianly not
desirable, especially when the user is just opening the webapp from
a dekstop menu which happens to run it in $HOME, the webapp will now not
treat such a $HOME git repository as a git-annex repository.
* webapp: Update url to add gitlab.com ssh key.
* Fix bug in v6 mode that prevented treating unlocked executable files
as annexed. If you have such files, run git annex init --version=6
to update the cache after upgrading to this version of git-annex.
* Preserve execute bits of unlocked files in v6 mode.
* fsck: Warn when core.sharedRepository is set and an annex object file's
write bit is not set and cannot be set due to the file being owned
by a different user.
* Fix hang when dropping content needs to lock the content on a
ssh remote, which occurred when the remote has git-annex version
5.20151019 or newer.
* Wed Apr 13 2016 mimi.vx@gmail.com
- update to 6.20160412
* adjust --unlock: Enters an adjusted branch in which all annexed files
are unlocked. The v6 equivilant of direct mode, but much cleaner!
* Upgrading a direct mode repository to v6 has changed to enter
an adjusted unlocked branch. This makes the direct mode to v6 upgrade
able to be performed in one clone of a repository without affecting
other clones, which can continue using v5 and direct mode.
* init --version=6: Automatically enter the adjusted unlocked branch
when filesystem doesn't support symlinks.
* ddar remote: fix ssh calls
* log: Display time with time zone.
* log --raw-date: Use to display seconds from unix epoch.
* v6: Close pointer file handles more quickly, to avoid problems on Windows.
* sync: Show output of git commit.
* Fix bug in annex.largefiles mimetype= matching when git-annex
is run in a subdirectory of the repository.
* Mon Mar 21 2016 mimi.vx@gmail.com
- update to 6.20160318
* metadata: Added -r to remove all current values of a field.
* Fix data loss that can occur when annex.pidlock is set in a repository.
* Fix bug preventing moving files to/from a repository with annex.pidlock set.
* Fix shared lock file FD leak.
* Fix metadata hook behavior when multiple files are added at once.
* Added dependencies on haskell mountpoints and disk-free-space
libraries, removing FFI code from git-annex.
* dropkey: Add --batch and --json.
* Always try to thaw content, even when annex.crippledfilesystem is set.
* Correct git-annex info to include unlocked files in v6 repository.
* Sped up git-annex add in direct mode and v6 by using
git hash-object --stdin-paths.
* Sped up git-annex merge by using git hash-object --stdin-paths.
* Mon Mar 07 2016 mimi.vx@gmail.com
- update to 6.20160229
* Update perlmagick build dependency.
* Fix memory leak in last release, which affected commands like
git-annex status when a large non-annexed file is present in the work
tree.
* fsck: When the only copy of a file is in a dead repository, mention
the repository.
* info: Mention when run in a dead repository.
* Linux and OSX standalone builds put the bundled gpg last in PATH,
so any system gpg will be preferred over it.
* Avoid crashing when built with MagicMime support, but when the magic
database cannot be loaded.
* Include magic database in the linux and OSX standalone builds.
* Fix memory leak when hashing files, which triggered during fsck
when an external hash program was not used.
(This leak was introduced in version 6.20160114.)
* Support --metadata field<number, --metadata field>number etc
to match ranges of numeric values.
* Similarly, support preferred content expressions like
metadata=field<number and metadata=field>number
* The pre-commit-annex hook script that automatically extracts
metadata has been updated to also use exiftool.
* Sun Feb 28 2016 mimi.vx@gmail.com
- update to 6.20160211
* annex.addsmallfiles: New option controlling what is done when
adding files not matching annex.largefiles.
* Fix reversion in lookupkey, contentlocation, and examinekey which
caused them to sometimes output side messages.
* webapp: Fix deletion of current repository directory.
* Added "nothing" to preferred content expression syntax.
* annex.largefiles can be configured in .gitattributes too;
this is particulary useful for v6 repositories, since the
.gitattributes configuration will apply in all clones of the
repository.
* Limit annex.largefiles parsing to the subset of preferred content
expressions that make sense in its context. So, not "standard"
or "lackingcopies", etc.
* annex.largefiles: Add support for mimetype=text/* etc, when git-annex
is linked with libmagic.
* matchexpression: Added --largefiles option to parse an annex.largefiles
expression.
* Brought back the dbus and xmpp build flags, so build from source can be
done without C libraries that may be hard to install.
* init: Fix bugs in submodule .git symlink fixup, that occurred when
initializing in a subdirectory of a submodule and a submodule of a
submodule.
* WebDAV: Set depth 1 in PROPFIND request, for better compatibility with
some servers. Thanks, wzhd.
* WebDAV: Remove a bogus trailing slash from the end of the url to the
temporary store location for a key. Thanks, wzhd.
* S3: Allow configuring with requeststyle=path to use path-style bucket
access instead of the default DNS-style access.
* Fix nasty reversion in the last release that broke sync --content's
handling of many preferred content expressions.
* whereis --json: Urls are now listed inside the remote that claims them,
rather than all together at the end.
* info, add, whereis, find: Support --batch mode.
* Force output to be line-buffered, even when it's not connected to the
terminal. This is particuarly important for commands with --batch
output, which was not always being flushed at an appropriate time.
* add, import: Support --json output.
* addurl --json: Include field for added key (unless the file was
added directly to git due to annex.largefiles configuration.)
(Also done by add --json and import --json)
* registerurl: Check if a remote claims the url, same as addurl does.
* Bug fix: Git config settings passed to git-annex -c did not always take
effect.
* assistant: Use udisks2 dbus events to detect when disks are mounted,
instead of relying on gnome/kde stuff that is not stable.
* Fix build with QuickCheck 2.8.2
* matchexpression: New plumbing command to check if a preferred content
expression matches some data.
* Removed the webapp-secure build flag, rolling it into the webapp build
flag.
* Removed the quvi, tahoe, feed, and tfds build flags, adding
aeson feed and regex-tdfa to the core dependencies.
* Roll the dns build flag into the assistant build flag.
* Tue Feb 23 2016 psimons@suse.com
- Initial version of git-annex-6.20160114.